aboutsummaryrefslogtreecommitdiffstats
path: root/graphics
diff options
context:
space:
mode:
authorthierry <thierry@FreeBSD.org>2006-10-09 05:26:27 +0800
committerthierry <thierry@FreeBSD.org>2006-10-09 05:26:27 +0800
commit1db769b2a2c568a644c78b5353eb2904220c0fd5 (patch)
treedd77c83fa50bd647f5b72b016f02e85d2df3fac7 /graphics
parentbf23c398d28c7740c0c43fcf48a1c2f41aaef4c0 (diff)
downloadfreebsd-ports-gnome-1db769b2a2c568a644c78b5353eb2904220c0fd5.tar.gz
freebsd-ports-gnome-1db769b2a2c568a644c78b5353eb2904220c0fd5.tar.zst
freebsd-ports-gnome-1db769b2a2c568a644c78b5353eb2904220c0fd5.zip
Import a patch from Gentoo bug #127008 to fix CVE-2006-1060.
Security: VuXML ID: a813a219-d2d4-11da-a672-000e0c2e438a
Diffstat (limited to 'graphics')
-rw-r--r--graphics/zgv/Makefile5
-rw-r--r--graphics/zgv/files/patch-zgv-5.9-cmyk-ycck-fix.diff69
2 files changed, 70 insertions, 4 deletions
diff --git a/graphics/zgv/Makefile b/graphics/zgv/Makefile
index 01790fc669ee..40033a58eae8 100644
--- a/graphics/zgv/Makefile
+++ b/graphics/zgv/Makefile
@@ -7,6 +7,7 @@
PORTNAME= zgv
PORTVERSION= 5.9
+PORTREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SUNSITE}
MASTER_SITE_SUBDIR= apps/graphics/viewers/svga
@@ -14,10 +15,6 @@ MASTER_SITE_SUBDIR= apps/graphics/viewers/svga
MAINTAINER= ports@FreeBSD.org
COMMENT= Graphics viewer for SVGAlib
-FORBIDDEN= http://vuxml.freebsd.org/a813a219-d2d4-11da-a672-000e0c2e438a.html
-DEPRECATED= ${FORBIDDEN}
-EXPIRATION_DATE=2006-12-01
-
LIB_DEPENDS= tiff.4:${PORTSDIR}/graphics/tiff \
vga.1:${PORTSDIR}/graphics/svgalib \
jpeg.9:${PORTSDIR}/graphics/jpeg \
diff --git a/graphics/zgv/files/patch-zgv-5.9-cmyk-ycck-fix.diff b/graphics/zgv/files/patch-zgv-5.9-cmyk-ycck-fix.diff
new file mode 100644
index 000000000000..720011facbd9
--- /dev/null
+++ b/graphics/zgv/files/patch-zgv-5.9-cmyk-ycck-fix.diff
@@ -0,0 +1,69 @@
+--- src/readjpeg.c.orig Sun Oct 31 15:54:26 2004
++++ src/readjpeg.c Sun Oct 8 22:43:59 2006
+@@ -92,11 +92,18 @@
+ int *real_width,int *real_height)
+ {
+ static FILE *in;
++/*
++Patch imported from Gentoo Bug #127008 to fix CVE-2006-1060
++VuXML ID a813a219-d2d4-11da-a672-000e0c2e438a
++<http://bugs.gentoo.org/show_bug.cgi?id=127008>
++*/
++static int cmyk;
+ struct my_error_mgr jerr;
+ int row_stride; /* physical row width in output buffer */
+ int tmp,f;
+-unsigned char *ptr;
++unsigned char *ptr,*ptr2;
+
++cmyk=0;
+ use_errmsg=0;
+ theimage=NULL;
+ howfar=howfarfunc;
+@@ -161,6 +168,15 @@
+ pal[f]=pal[256+f]=pal[512+f]=f;
+ }
+
++if(cinfo.jpeg_color_space==JCS_CMYK)
++ cmyk=1;
++
++if(cinfo.jpeg_color_space==JCS_YCCK)
++ {
++ cmyk=1;
++ cinfo.out_color_space=JCS_CMYK;
++ }
++
+ width=cinfo.image_width;
+ height=cinfo.image_height;
+
+@@ -191,7 +207,7 @@
+ }
+
+ if(WH_BAD(width,height) ||
+- (theimage=(byte *)malloc(pixelsize*width*height))==NULL)
++ (theimage=(byte *)malloc(pixelsize*width*(height+cmyk)))==NULL)
+ {
+ jpegerr("Out of memory"); /* XXX misleading if width/height are bad */
+ longjmp(jerr.setjmp_buffer,1);
+@@ -222,7 +238,20 @@
+ while(cinfo.output_scanline<height)
+ {
+ jpeg_read_scanlines(&cinfo,&ptr,1);
+- for(f=0;f<width;f++) { tmp=*ptr; *ptr=ptr[2]; ptr[2]=tmp; ptr+=3; }
++ if(!cmyk)
++ for(f=0;f<width;f++) { tmp=*ptr; *ptr=ptr[2]; ptr[2]=tmp; ptr+=3; }
++ else
++ {
++ ptr2=ptr;
++ for(f=0;f<width;f++,ptr+=3,ptr2+=4)
++ {
++ tmp=ptr2[3];
++ ptr[0]=(tmp*ptr2[2])/255;
++ ptr[1]=(tmp*ptr2[1])/255;
++ ptr[2]=(tmp*ptr2[0])/255;
++ }
++ }
++
+ if(howfar!=NULL) howfar(cinfo.output_scanline,height);
+ }
+